Despite Heightened Attention To Cybersecurity Risks, Today’s Software Investors Don’t Feel Any Better Prepared

Despite Heightened Attention To Cybersecurity Risks, Today’s Software Investors Don’t Feel Any Better Prepared

During the first half of 2017, West Monroe and Mergermarket surveyed 100 senior private equity and corporate executives, all with organizations that have acquired at least one software firm over the past three years. Respondents cited various challenges to orchestrating a successful acquisition – one of the top among them being cybersecurity.…

Read More
Unpleasant Discoveries: Cybersecurity Vulnerabilities Uncovered

Unpleasant Discoveries: Cybersecurity Vulnerabilities Uncovered

It’s every acquirer’s worst nightmare: you’ve spent countless hours vetting an M&A target, and after the deal goes through, you catch something. West Monroe Partners surveyed top-level corporate executives and private equity partners about their companies’ practices in order to better understand the state of cybersecurity diligence for M&A. The results provide a window into the trends...

Read More
The PCI DSS Cares about Disaster Recovery & Backups

The PCI DSS Cares about Disaster Recovery & Backups

In a separate post, we discussed Common Misconceptions around the Payment Card Industry Data Security Standard (PCI DSS). Building off those thoughts, this post will discuss an often-overlooked consideration when navigating the PCI DSS – disaster recovery (DR) and backups. West Monroe Partners has extensive experience conducting security due diligences for M&A transactions and helping...

Read More
Backing Up To the Cloud From the Cloud

Backing Up To the Cloud From the Cloud

In our last post, “Managing Administrative Access to an Azure-based Cardholder Data Environment,” we outlined ways to secure administrative workflows by using various Azure technologies. We’ll resume with part eight of the Azure Secure Cloud Migration blog series, covering considerations for backing up VMs in Azure and all the associated restrictions and caveats.…

Read More
Integrating Data Security into Your Transaction Due Diligence Process

Integrating Data Security into Your Transaction Due Diligence Process

It’s hard to read the news these days without seeing another headline about a data breach. As companies rely increasingly on technology, the importance of securing customer information and intellectual property has increased exponentially—as has the cost of failing to keep data secure. Concerns about cybersecurity have become especially acute when it comes to M&A transactions.…

Read More
Reduce PCI DSS Costs by Reducing Scope

Reduce PCI DSS Costs by Reducing Scope

In a recent post, we discussed some scenarios involving Service Providers and their integration into Payment Card Industry Data Security Standard (PCI DSS) compliance. Click here for more of our recent series of blog posts on PCI DSS-related topics for more information. Defining the cardholder data environment (CDE) is a key step toward PCI DSS compliance and has become somewhat of a pain...

Read More
Importance of Cybersecurity: Understanding Preventive “Medicine” to Maintain Cyber Health

Importance of Cybersecurity: Understanding Preventive “Medicine” to Maintain Cyber Health

Believe it or not, information security professionals could learn some lessons from the health and wellness industry. The practice of preventative care can and should be transferred to the information security profession. According to the American College of Preventive Medicine, preventive medicine is defined as “a practice by all physicians to keep their patients healthy“.…

Read More
There’s a Plan for That | Cybersecurity Incident Response & the PCI DSS

There’s a Plan for That | Cybersecurity Incident Response & the PCI DSS

In a recent post, we discussed the challenges associated with attesting to the Payment Card Industry’s Data Security Standard (PCI DSS) compliance, including frequent oversights we encounter while conducting security due diligences and gap analyses for our clients. See “Common Misconceptions around the Payment Card Industry Data Security Standard (PCI DSS)” from our recent series of blogs on...

Read More
Isolating the Cardholder Data Environment with Network Segmentation

Isolating the Cardholder Data Environment with Network Segmentation

In a recent post, we discussed many of the challenges with attesting to PCI DSS compliance, including a description of some of the factors that are often overlooked when defining the cardholder data environment (CDE). See “Common Misconceptions around the Payment Card Industry Data Security Standard (PCI DSS)” from our recent series of blogs on PCI DSS-related topics for more information. …

Read More
Common Misconceptions around the Payment Card Industry Data Security Standard (PCI DSS)

Common Misconceptions around the Payment Card Industry Data Security Standard (PCI DSS)

In a recent post, we discussed what PCI DSS is, why it matters, and the release of the latest version, including a summary of the changes and the impact of each. See “What PCI DSS version 3.2 means for you” for more information. In 2016, West Monroe Partners has conducted over 140 IT diligences on behalf of private equity firms and strategic buyers across a number of industries as...

Read More
What PCI DSS Version 3.2 Means for You

What PCI DSS Version 3.2 Means for You

The Payment Card Industry Security Standards Council (PCI SSC) recently released version 3.2 of their Data Security Standard (PCI DSS v3.2).  The PCI DSS is a global standard designed to protect payment card data.  It applies to any organization that accepts or processes payment cards, and lays out a comprehensive compliance program designed to define how organizations should implement...

Read More
Phone: 312-602-4000
Email: marketing@westmonroepartners.com
222 W. Adams
Chicago, IL 60606
Show Buttons
Share On Facebook
Share On Twitter
Share on LinkedIn
Hide Buttons